73413 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: A memory leak has been fixed in ocfs2mountvolume. There is a memory leak reported by kmemleak: - Unreferenced object: 0xffff88810cc65e60 size: 32 - Command: “mount.ocfs2”, PID: 23753, Jiffies: 4302528942 Age: 34735.105s...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fixed a memory leak in ipwwdevinit. In the error handling path of ipwwdevinit, an exception value is returned, and the memory allocated for this function is not released. Additionally, the memory is not released in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: now returns ERRPTR instead of NULL when there is no link. hciconnectsco currently returns NULL when there is no link i.e., when hciconnlink returns NULL. scoconnect expects ERRPTR in case of any error see...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nfc: st21nfca: fixed memory leaks in EVTTRANSACTION handling Error paths do not free the previously allocated memory. Add devmkfree to those failure paths...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI/bwctrl: Fixed NULL pointer dereferencing when bus numbers are exhausted. When the BIOS fails to assign bus numbers to PCI bridges, the kernel attempts to correct this during PCI device enumeration. If there are no availabl...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: The calling convention for prepslavesg has been corrected. The calling convention for prepslavesg requires returning NULL in case of an error, along with providing an error log to the system. However, qcom-ad...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000: added the missing unregisternetdev function in wilcnetdevifcinit. The fault injection test reports this issue as follows: Kernel BUG at net/core/dev.c:10731! Invalid opcode: 0000 1 PREEMPT SMP KASAN PTI Call trace...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: A resource leak was fixed in the error handling path. The call dspirequestdma should be undone by a call to dspireleasedma in the error handling path of the probe function, as already done in the remove functio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: The TID is decremented during error handling for RX peer frag setup. Currently, the TID is not decremented before peer cleanup, during the error handling phase of the ath12kdprxpeerfragsetup function. This could lea...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/panel: ili9341: fix optional regulator handling If the optional regulator lookup fails, reset the pointer to NULL. Other functions such as mipidbipoweronconditional only perform a NULL pointer check; otherwise, they will...
Astra Linux – Vulnerability in Mariadb 10.3
In MariaDB before 10.9.2, the compresswrite function in extra/mariabackup/dscompress.cc does not release the datamutex upon a stream write failure, which allows local users to trigger a deadlock...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Driver Core: Fixed a resource leak in deviceadd. When kobjectadd fails in deviceadd, it will call cleanupgluedir to free resources. However, in kobjectadd, dev-kobj.parent has been set to NULL. This will cause a resource leak. Th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ublk: Fixed NULL pointer dereferencing in ublkctrlsetsize. The ublkctrlsetsize function dereferes ub-ubdisk unconditionally through setcapacityandnotify, without checking whether ub-ubdisk is NULL. ub-ubdisk becomes NULL befor...
Astra Linux - уязвимость в libxml2
The vulnerability of the xmlMemStrdup function in the Libxml2 library is related to pointer manipulation errors. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в speex
A vulnerability involving division by zero in the static int readsamples function of Speex v1.2 allows attackers to cause a Denial-of-Service attack through a specially crafted WAV file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: The affinity hint was cleared before calling ath11kpcicfreeirq in the error path. If a shared IRQ is used by the driver due to platform limitations, then the IRQ affinity hint is set correctly after the allocation o...
Astra Linux - уязвимость в xorg-server
A flaw was discovered in xorg-server. Changing the actions of XKB buttons, such as moving between the touchpad and the mouse, can lead to out-of-bounds memory reads and writes. This may allow for local privilege escalation or potential remote code execution, especially in cases where X11 forwardi...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed the smbdirectrecvio leak in the smbdnegotiate error path. During tests of another unrelated patch, I was able to trigger this error: Objects remaining on kmemcacheshutdown...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...
Astra Linux - уязвимость в gst-plugins-good1.0
Before version 1.18.4, GStreamer might access already-freeed memory in error code paths when demuxing certain malformed Matroska files...